1. INFORMATION AND CONSENT
The Personal Data Protection Act (hereinafter “LPDP”) and the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, henceforth “GDPR”) ensure the protection of natural persons with regard to the processing of personal data and the free movement of such data.
In legal terms, "personal data" is any information, of any nature and regardless of the respective support, including sound and image, relating to an identified or identifiable natural person, so the protection does not cover the data of legal persons.
Upon acceptance of this Privacy Policy, the user gives his informed, express, free and unequivocal consent for the personal data provided through the website https://www.galati.pt to be included in a file under the responsibility of Galati – Viagens e Tourism, whose treatment under the terms of the LPDP and the RGPD complies with the appropriate technical and organizational security measures.
Galati – Viagens e Turismo, maintains a database with the registration of its customers. The data present in this database are only the data provided by them at the time of their registration, being collected and processed automatically, under the terms approved by the National Data Protection Commission, by Galati – Viagens e Turismo, the entity responsible for the corresponding file.
The formalization of reservations through our website implies the introduction, by the user, of personal identification data into the system, such as aspects relating to their personal preferences, special circumstances that affect them or others, data relating to credit cards and debit, which will be used to facilitate and allow the contracting and reservation of specific services that make up the customer's request, as well as to provide information on products and services of Galati – Viagens e Turismo.
Under no circumstances will information be requested on philosophical or political beliefs, party or trade union affiliation, religious faith, private life and racial or ethnic origin, as well as data relating to health and sexual life, including genetic data.
Under no circumstances will we carry out any of the following activities with the personal data provided to us through this website:
(i) Assign to other persons or other entities, without the prior consent of the data subject;
(ii) Transfer outside the European Economic Area (EEA) without the prior consent of the data subject.
2. PROCESSING OF PERSONAL DATA
The personal data that we process through this page will only be used for the following purposes:
(i) Owning the activity linked to a travel agency, wholesale and retail;
(ii) Provision to the parties involved in the services requested by the User to carry out the reservation / service contracted by the User;
(iii) Management, administration, provision, expansion and improvement of services in which the user decides to subscribe and register or use the adequacy of these services to the preferences and tastes of users;
(iv) Studying the use of services by users;
(v) Verify, maintain and develop statistical systems and analyses;
(vi) Advertising, promotion and commercial prospecting activities if duly authorized and consented by the User;
(vii) Send survey forms to which the user is not obliged to respond;
(vii) Send SMS messages for direct sales, advertising purposes or related to the contracted service, if duly authorized and consented by the User.
The user may consent to Galati – Viagens e Turismo processing their Personal Data in order to determine their profile and offer them suitable products and services. These services may be owned or provided by third parties.
On the other hand, the user consents to access information regarding the service contracted with Galati – Viagens e Turismo in order to be able to offer additional services to the contracted party.
When personal data are collected through the "Newsletter" form or through other forms that relate to the activity of the website, it will be necessary for the user to fill in at least those marked with an asterisk, since by not providing this data considered necessary and appropriate, Galati – Viagens e Turismo will not be able to accept or manage the web service or the consultation requested by you.
At the time of collection of personal data, except in the fields where the contrary is indicated, the user may voluntarily make the personal data available, without the lack of response implying a decrease in the quality or quantity of the corresponding services (unless it is indicated otherwise). However, the lack of response to the data, considered mandatory, will imply the impossibility of accessing the service for which the data were requested.
If you do not agree with the conditions mentioned above, Galati – Viagens e Turismo will not be able to contract with the user and consequently will not be able to accept your reservation.
3. ASSIGNMENT OF PERSONAL DATA
Galati – Viagens e Turismo may disclose user information to third parties solely for the purpose of completing the requested reservation and for administrative reasons under the terms of the legislation in force for carrying out trips / service to certain countries.
Any data collected in this way on the website will be transmitted, in accordance with the provisions of current data protection legislation, to the entities involved to contract the required services to the extent absolutely necessary for the realization of the reservation / service intended and for compliance of the legislation of the countries of destination.
In addition, the user will expressly consent that personal data may be transferred to:
(i) National and international authorities competent in matters of tourism, terrorism or crimes that violate human rights;
(ii) Any legal entity affiliated with or participated in by Galati – Viagens e Turismo or the company that has provided the contracted service (hotels, water, land, rail, air, rental, etc.), so that they can use them with the purpose of the correct provision of each service requested by the user.
The user guarantees that the information provided is true, accurate, complete and up to date, and is responsible for any damage or loss, direct or indirect, that may be caused as a result of the breach of this obligation. In the event that the data provided belongs to a third party, the user guarantees that he has informed the said third party of the aspects contained in this document and has obtained its authorization to provide his data to Galati – Viagens e Turismo for the indicated purposes.
4. SECURITY
Galati – Viagens e Turismo, declares that it has implemented and will continue to implement the security measures of a technical and organizational nature necessary to guarantee the security of the personal data provided to it in order to avoid its alteration, loss, treatment and/or access. unauthorized, taking into account the current state of technology, the nature of the data stored and the risks to which they are exposed.
Personal data are treated with the level of protection legally required to guarantee their security and prevent their alteration, loss, treatment or unauthorized access, taking into account the state of the technology, being the user aware and accepting that the measures of Internet security are not impregnable.
For security in user communications, Galati – Viagens e Turismo uses SSL – Secure Socket Layer technology, which guarantees security in all credit card transactions. This technology encodes credit card data and transfers it via the internet into individual modules that will only be gathered later. Credit card details are used only to make the payment and, after the transaction has been carried out, they are deleted from our records.
For security reasons applicable to certain countries, it is mandatory to place information regarding data such as name, passport number, gender, age, nationality in the flight reservations. This information contained in the reservation may, under the terms of applicable legislation, be consulted by the customs authorities of the countries of origin or destination.
Galati – Viagens e Turismo, accessing any personal data, undertakes to:
(i) Store them through legally required security measures, of a technical and organizational nature, that guarantee their security, thus preventing unauthorized alteration, loss, treatment or access, in accordance with the state of the technology in each time, the nature of the data and the possible risks to which they are exposed;
(ii) Use the data exclusively for the purposes previously defined;
(iii) Make sure that the data are processed only by the workers whose intervention is necessary for the provision of the service, who are bound by the duty of secrecy and confidentiality. If there is a possibility that the information may be disclosed to third parties, they must be obliged to maintain the necessary confidentiality in accordance with the provisions of this document.
5. COMMERCIAL AND PROMOTIONAL COMMUNICATIONS
One of the purposes for which we process personal data provided by users is to send electronic communications with information regarding commercial and promotional communications.
Whenever we make a communication of this type, it will be directed exclusively to users who have previously and expressly authorized them.
In accordance with the provisions of Decree-Law n.º 7/2004, of 7 January, in case the user wishes to stop receiving commercial or promotional communications from Galati – Viagens e Turismo, he/she may request the opposition of the service by sending an e-mail email to geral@galati.pt or through the link enabled for this purpose in the communications themselves
6. EXERCISE OF RIGHTS
In accordance with the provisions of the LDPD and the RGPD, the user may at all times exercise their rights of access, rectification, erasure, limitation, opposition and portability, by means of a written request by any of the following means, including, in any case, a copy of a document proving your identity and specifying the right or rights you wish to exercise.
Household: Rua Belo Horizonte 9F, 2780-006 OEIRAS
Email: geral@galati.pt
In addition, and even being registered on the site, the user may decide not to receive information from us, whether the newsletter is of another kind, choosing the appropriate option on that same page “personal data”.
7. CONTROL AUTHORITY
In legal terms, the data subject has the right to submit a complaint regarding the protection of personal data to the competent supervisory authority, the National Data Protection Commission (CNPD) www.cnpd.pt
